Re: [Openvas-discuss] Service temporarily down - status code 503

[Marcin Szatkowski]

Hi,

I'm not sure if I missed a reply for my issue or whether the problem is so 
severe that I need to reinstall OpenVAS from scratch.

Cheers,
Marcin

-Original Message-
From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On 
Behalf Of Marcin Szatkowski
Sent: 03 November 2016 08:46
To: Reindl Harald <h.rei...@thelounge.net>; openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Service temporarily down - status code 503

Hi,

Thank you very much for all the tips and guides.

I managed to go through the procedure advised by Christian at 
http://plugins.openvas.org/ova_503.txt .
I had to modify the paths to the certificates slightly as they seem be located 
directly under /var/lib instead of /usr/local/var/lib.
There was also no command for systemctl start gsa. I found a similar one which 
was systemctl start greenbone-security-assistant.service. I assume that's the 
one I need.
I also had to remove the old certificate from Firefox in order to access the 
GSA website.
I'm using Kali Linux by the way.
I'm not getting the status code 503 anymore. However now whenever I click on 
Start button next to any task I've got preconfigured the only thing that 
happens is the spinning wheel in Firefox. When I refresh the website after 
couple of minutes of inactivity Status of the Task stays on Done and does not 
change to Requested or Running.

Best regards,
Marcin


Marcin Szatkowski
Lead Network Engineer
Twisted Fish Limited

020 3141 6274
020 8940 4933
07887 886 775
mailto:marcin.szatkow...@twistedfish.com

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. If 
you have received this email in error please notify the system manager. Please 
note that any views or opinions presented in this email are solely those of the 
author and do not necessarily represent those of the company. Finally, the 
recipient should check this email and any attachments for the presence of 
viruses. The company accepts no liability for any damage caused by any virus 
transmitted by this email.


-Original Message-
From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On 
Behalf Of Reindl Harald
Sent: 02 November 2016 15:11
To: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Service temporarily down - status code 503

interesting that one needs also "openvasmd --modify-scanner" and why in the 
world are they only valid for 365 days?

"openvas-mkcert -f" asks and you can enter 3650 "openvas-mkcert-client -i -n" 
don't ask

frankly when you have everything except GSA configured to listen and connect 
only on 127.0.0.1 that whole TLS dance is so useless

the website is BTW missing "systemctl stop openvas-gsa.service" at the begin, 
otherwise the start-command don't make much sense 
__

on Fedora that would mean:

systemctl stop openvas-scanner.service openvas-manager.service 
openvas-gsa.service openvas-mkcert -f openvas-mkcert-client -i -n openvasmd 
--get-scanners openvasmd --modify-scanner "08b69003-5fc2-4037-a479-93b440211c73"
--scanner-ca-pub /etc/pki/openvas/CA/cacert.pem --scanner-key-pub 
/etc/pki/openvas/CA/clientcert.pem --scanner-key-priv 
/etc/pki/openvas/private/CA/clientkey.pem
openvas-nvt-sync
openvasmd --rebuild
systemctl start openvas-manager
systemctl start openvas-gsa.service
__

if the scan still fails it's likely because the scanner did fail to start and 
so a "systemctl restart openvas-scanner.service" may help

Operation:  Start Task
Status code:503
Status message: Service temporarily down

? openvas-scanner.service - OpenVAS Scanner
Loaded: loaded (/etc/systemd/system/openvas-scanner.service;
enabled; vendor preset: disabled)
Active: failed (Result: signal) since Mi 2016-11-02 15:53:43 CET; 13min ago
   Process: 707 ExecStart=/usr/sbin/openvassd -f $SCANNER_PORT $SCANNER_LISTEN 
$SCANNER_SRCIP (code=killed, signal=KILL)
  Main PID: 707 (code=killed, signal=KILL) 
__


Am 02.11.2016 um 09:32 schrieb Christian Fischer:
> Hi,
>
> On 28.10.2016 16:18, Marcin Szatkowski wrote:
>> I was also messing around with certificates so that might be one of the 
>> issues. I went through countless troubleshooting steps and articles.
>
> the certificates are most likely your issue here. Have you also found 
> this step-by-step tutorial how to create a fresh certificate setup 
> which should solve your issue here:
>
> http://plugins.openvas.org/ova_503.txt
>
>> OpenVAS Scanner 5.0.5
>> OpenVAS Manager 6.0.8
>> Greenbone Security Assistant 6.0.10
>
> You might also want to update these components as they are quite outdated:
>
> http://openvas.org/install-source.html

Re: [Openvas-discuss] Service temporarily down - status code 503

[Christian Fischer]

Hi,

On 02.11.2016 16:10, Reindl Harald wrote:
> "openvas-mkcert -f" asks and you can enter 3650
> "openvas-mkcert-client -i -n" don't ask

openvas-mkcert-client -h

-n Run non-interactively, create certificates and register user with
the OpenVAS scanner

If you skip the -n parameter you will also get asked for the certificate
life time.

> frankly when you have everything except GSA configured to listen and
> connect only on 127.0.0.1 that whole TLS dance is so useless

The OpenVAS9 betas have already the possibility to use unix sockets for
the connection between the components. So after the final release of
OpenVAS9 this is not needed anymore.

> the website is BTW missing "systemctl stop openvas-gsa.service" at the
begin, otherwise the start-command don't make much sense

Thanks, just was updated. Please also note that the linked documentation
is matching the needed steps for the OpenVAS VM available at
http://openvas.org/vm.html. They might differ if other distros are used.

Regards,

-- 

Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down - status code 503

[Marcin Szatkowski]

Hi,

Thank you very much for all the tips and guides.

I managed to go through the procedure advised by Christian at 
http://plugins.openvas.org/ova_503.txt .
I had to modify the paths to the certificates slightly as they seem be located 
directly under /var/lib instead of /usr/local/var/lib.
There was also no command for systemctl start gsa. I found a similar one which 
was systemctl start greenbone-security-assistant.service. I assume that's the 
one I need.
I also had to remove the old certificate from Firefox in order to access the 
GSA website.
I'm using Kali Linux by the way.
I'm not getting the status code 503 anymore. However now whenever I click on 
Start button next to any task I've got preconfigured the only thing that 
happens is the spinning wheel in Firefox. When I refresh the website after 
couple of minutes of inactivity Status of the Task stays on Done and does not 
change to Requested or Running.

Best regards,
Marcin


Marcin Szatkowski
Lead Network Engineer
Twisted Fish Limited

020 3141 6274
020 8940 4933
07887 886 775
mailto:marcin.szatkow...@twistedfish.com

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. If 
you have received this email in error please notify the system manager. Please 
note that any views or opinions presented in this email are solely those of the 
author and do not necessarily represent those of the company. Finally, the 
recipient should check this email and any attachments for the presence of 
viruses. The company accepts no liability for any damage caused by any virus 
transmitted by this email.


-Original Message-
From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On 
Behalf Of Reindl Harald
Sent: 02 November 2016 15:11
To: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Service temporarily down - status code 503

interesting that one needs also "openvasmd --modify-scanner" and why in the 
world are they only valid for 365 days?

"openvas-mkcert -f" asks and you can enter 3650 "openvas-mkcert-client -i -n" 
don't ask

frankly when you have everything except GSA configured to listen and connect 
only on 127.0.0.1 that whole TLS dance is so useless

the website is BTW missing "systemctl stop openvas-gsa.service" at the begin, 
otherwise the start-command don't make much sense 
__

on Fedora that would mean:

systemctl stop openvas-scanner.service openvas-manager.service 
openvas-gsa.service openvas-mkcert -f openvas-mkcert-client -i -n openvasmd 
--get-scanners openvasmd --modify-scanner "08b69003-5fc2-4037-a479-93b440211c73"
--scanner-ca-pub /etc/pki/openvas/CA/cacert.pem --scanner-key-pub 
/etc/pki/openvas/CA/clientcert.pem --scanner-key-priv 
/etc/pki/openvas/private/CA/clientkey.pem
openvas-nvt-sync
openvasmd --rebuild
systemctl start openvas-manager
systemctl start openvas-gsa.service
__

if the scan still fails it's likely because the scanner did fail to start and 
so a "systemctl restart openvas-scanner.service" may help

Operation:  Start Task
Status code:503
Status message: Service temporarily down

? openvas-scanner.service - OpenVAS Scanner
Loaded: loaded (/etc/systemd/system/openvas-scanner.service;
enabled; vendor preset: disabled)
Active: failed (Result: signal) since Mi 2016-11-02 15:53:43 CET; 13min ago
   Process: 707 ExecStart=/usr/sbin/openvassd -f $SCANNER_PORT $SCANNER_LISTEN 
$SCANNER_SRCIP (code=killed, signal=KILL)
  Main PID: 707 (code=killed, signal=KILL) 
__


Am 02.11.2016 um 09:32 schrieb Christian Fischer:
> Hi,
>
> On 28.10.2016 16:18, Marcin Szatkowski wrote:
>> I was also messing around with certificates so that might be one of the 
>> issues. I went through countless troubleshooting steps and articles.
>
> the certificates are most likely your issue here. Have you also found
> this step-by-step tutorial how to create a fresh certificate setup
> which should solve your issue here:
>
> http://plugins.openvas.org/ova_503.txt
>
>> OpenVAS Scanner 5.0.5
>> OpenVAS Manager 6.0.8
>> Greenbone Security Assistant 6.0.10
>
> You might also want to update these components as they are quite outdated:
>
> http://openvas.org/install-source.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

-
This email was processed through the Twisted Fish spam filter to filter junk 
messages.
If you feel this message has been tagged incorrectly, you can change its 
category by clicking the link below.
Click 

Re: [Openvas-discuss] Service temporarily down - status code 503

[Reindl Harald]

interesting that one needs also "openvasmd --modify-scanner" and why in 
the world are they only valid for 365 days?


"openvas-mkcert -f" asks and you can enter 3650
"openvas-mkcert-client -i -n" don't ask

frankly when you have everything except GSA configured to listen and 
connect only on 127.0.0.1 that whole TLS dance is so useless


the website is BTW missing "systemctl stop openvas-gsa.service" at the 
begin, otherwise the start-command don't make much sense

__

on Fedora that would mean:

systemctl stop openvas-scanner.service openvas-manager.service 
openvas-gsa.service

openvas-mkcert -f
openvas-mkcert-client -i -n
openvasmd --get-scanners
openvasmd --modify-scanner "08b69003-5fc2-4037-a479-93b440211c73" 
--scanner-ca-pub /etc/pki/openvas/CA/cacert.pem --scanner-key-pub 
/etc/pki/openvas/CA/clientcert.pem --scanner-key-priv 
/etc/pki/openvas/private/CA/clientkey.pem

openvas-nvt-sync
openvasmd --rebuild
systemctl start openvas-manager
systemctl start openvas-gsa.service
__

if the scan still fails it's likely because the scanner did fail to 
start and so a "systemctl restart openvas-scanner.service" may help


Operation:  Start Task
Status code:503
Status message: Service temporarily down

? openvas-scanner.service - OpenVAS Scanner
   Loaded: loaded (/etc/systemd/system/openvas-scanner.service; 
enabled; vendor preset: disabled)
   Active: failed (Result: signal) since Mi 2016-11-02 15:53:43 CET; 
13min ago
  Process: 707 ExecStart=/usr/sbin/openvassd -f $SCANNER_PORT 
$SCANNER_LISTEN $SCANNER_SRCIP (code=killed, signal=KILL)

 Main PID: 707 (code=killed, signal=KILL)
__


Am 02.11.2016 um 09:32 schrieb Christian Fischer:

Hi,

On 28.10.2016 16:18, Marcin Szatkowski wrote:

I was also messing around with certificates so that might be one of the issues. 
I went through countless troubleshooting steps and articles.


the certificates are most likely your issue here. Have you also found
this step-by-step tutorial how to create a fresh certificate setup which
should solve your issue here:

http://plugins.openvas.org/ova_503.txt


OpenVAS Scanner 5.0.5
OpenVAS Manager 6.0.8
Greenbone Security Assistant 6.0.10


You might also want to update these components as they are quite outdated:

http://openvas.org/install-source.html

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down - status code 503

[Christian Fischer]

Hi,

On 28.10.2016 16:18, Marcin Szatkowski wrote:
> I was also messing around with certificates so that might be one of the 
> issues. I went through countless troubleshooting steps and articles. 

the certificates are most likely your issue here. Have you also found
this step-by-step tutorial how to create a fresh certificate setup which
should solve your issue here:

http://plugins.openvas.org/ova_503.txt

> OpenVAS Scanner 5.0.5
> OpenVAS Manager 6.0.8
> Greenbone Security Assistant 6.0.10

You might also want to update these components as they are quite outdated:

http://openvas.org/install-source.html

-- 

Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Fábio Fernandes]

First check if the processes are running.

openvassd
openvasmd
gsad

Then try these solution:

http://plugins.openvas.org/ova_503.txt <http://plugins.openvas.org/ova_503.txt>

If it is still not scanning try this:

https://forums.kali.org/showthread.php?29682-Openvas-Reloaded-all-the-NVTs-issue
 
<https://forums.kali.org/showthread.php?29682-Openvas-Reloaded-all-the-NVTs-issue>

> No dia 29/09/2016, às 17:00, Παναγιώτης Λεόντιος <leonti...@ath.forthnet.gr> 
> escreveu:
> 
> Dear Chris,
> 
> I had exactly the same problem!
> Started with all the 503.txt stuff but no luck.
> I also did all the Debian updates and everything recommended in the OpenVAS
> Demo page.
> I also deleted my first installation and replaced it with a fresh one.
> There were some advice from several guys in here, but nothing seemed to
> work...
> At some point it worked!!!
> Honestly, there is not something specific I did and remember to tell you
> about :(
> But, keep updating everything (OS, NVTs, run 503.txt again) and hopefully it
> will eventually run.
> Alternatively, you can install the Kali packages (OVA file) in VM; it works
> with no problems whatsoever. 
> 
> Panos
> 
> -Original Message-
> From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org]
> On Behalf Of Christoph Hodel
> Sent: Thursday, September 29, 2016 6:38 PM
> To: openvas-discuss@wald.intevation.org
> Subject: [Openvas-discuss] Service temporarily down
> 
> Hi all
> 
> I still have the same problem:
> Downloaded vm from homepage with demo installation.
> All works fine, except...
> 
> Running openvas-check-setup returns " It seems like your OpenVAS
> installation is OK."
> Attached the log file of the check.
> 
> But the result for running a task is always:
> "Results of last operation: Start Task: 503 Service temporarily down"
> 
> We have already done these steps:
> http://plugins.openvas.org/ova_503.txt
> 
> Who can help? Thank to all...
> Chris
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Παναγιώτης Λεόντιος]

Dear Chris,

I had exactly the same problem!
Started with all the 503.txt stuff but no luck.
I also did all the Debian updates and everything recommended in the OpenVAS
Demo page.
I also deleted my first installation and replaced it with a fresh one.
There were some advice from several guys in here, but nothing seemed to
work...
At some point it worked!!!
Honestly, there is not something specific I did and remember to tell you
about :(
But, keep updating everything (OS, NVTs, run 503.txt again) and hopefully it
will eventually run.
Alternatively, you can install the Kali packages (OVA file) in VM; it works
with no problems whatsoever. 

Panos

-Original Message-
From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org]
On Behalf Of Christoph Hodel
Sent: Thursday, September 29, 2016 6:38 PM
To: openvas-discuss@wald.intevation.org
Subject: [Openvas-discuss] Service temporarily down

Hi all

I still have the same problem:
Downloaded vm from homepage with demo installation.
All works fine, except...

Running openvas-check-setup returns " It seems like your OpenVAS
installation is OK."
Attached the log file of the check.

But the result for running a task is always:
"Results of last operation: Start Task: 503 Service temporarily down"

We have already done these steps:
http://plugins.openvas.org/ova_503.txt

Who can help? Thank to all...
Chris

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Service temporarily down

[Christoph Hodel]

Hi all

I still have the same problem:
Downloaded vm from homepage with demo installation.
All works fine, except...

Running openvas-check-setup returns " It seems like your OpenVAS installation 
is OK."
Attached the log file of the check.

But the result for running a task is always:
"Results of last operation: Start Task: 503 Service temporarily down"

We have already done these steps:
http://plugins.openvas.org/ova_503.txt

Who can help? Thank to all...
Chris


openvas-check-setup.log
Description: openvas-check-setup.log
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Service temporarily down

[Christoph Hodel]

On 27. September 2016 14:41 Christian Fischer wrote

>the document available here shows the needed steps to get it up again:
>http://plugins.openvas.org/ova_503.txt

All works fine - no errors...
But after starting everything, the webinterface ist not available.
After reboot of the VM, it is available again, but still "Service temporarily 
down"! :-(

P.S: Is it correct, that  openvasmd --modify-scanner gives the feedback, that 
server is updated, but --scanner-ca-pub and --scanner-key-pub and 
--scanner-key-priv does not give any feedback?
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Christian Fischer]

Hi,

On 27.09.2016 14:16, Christoph Hodel wrote:
> But the result for running a task is always:
> "Results of last operation: Start Task: 503 Service temporarily down"

the document available here shows the needed steps to get it up again:

http://plugins.openvas.org/ova_503.txt
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Service temporarily down

[Christoph Hodel]

Hi all

Downloaded vm from homepage with demo installation.
All works fine, except...

Running openvas-check-setup returns " It seems like your OpenVAS installation 
is OK."

But the result for running a task is always:
"Results of last operation: Start Task: 503 Service temporarily down"

Attached the log file of the check.

Who can help?
Chris


openvas-check-setup.log
Description: openvas-check-setup.log
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

Any advice how to apply the certificate renewal/change to the database is 
very welcome.

17.11.201511:27:41matthew.mund...@greenbone.net wrote on 09.11.2015 
15:47:39:

> From: > To: Helmut Koers , > Cc: Chris , openvas-disc
u...@wald.intevation.org>
 Date: 09.11.2015 15:48> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: matthe
w.mund...@greenbone.net> 
> > Where would I need to apply the update? I have not changed the file 
names
> > of the certificates, so my question is, is it a link to the 
certificate
> > files or will the content of the certificate files be imported into 
the
> > database?
> 
> The contents of the certificate files is stored in the database.  The 
links
> are not stored.
> 
> If the certificate changes then anything in the database that uses them
> must change too.
> 
> --
> Greenbone Networks GmbH
> Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
> Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[matthew.mundell]

> Any advice how to apply the certificate renewal/change to the database is
> very welcome.

I use the command I posted in a previous message:

LD_LIBRARY_PATH=/home/mattm/alts/openvas8/lib/ 
~/alts/openvas8/sbin/openvasmd --modify-scanner 
08b69003-5fc2-4037-a479-93b440211c73 --scanner-port  --scanner-ca-pub 
~/alts/openvas8/var/lib/openvas/CA/cacert.pem --scanner-key-pub 
~/alts/openvas8/var/lib/openvas/CA/servercert.pem --scanner-key-priv 
~/alts/openvas8/var/lib/openvas/private/CA/serverkey.pem

Basically, it's openvasmd with the --modify-scanner option.

--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

Can you please provide details on how to apply the database updates that 
are needed after the certificate renewal. Is there any documentation 
available regarding this actions?

On the other hand I am a little confused that there is additional action 
needed on Debian OS, but there seems to be no action needed on CentOS, 
after having renewed the certificates, or is the CentOS proceeding based 
on experience from the past where is was not needed?


10.11.201508:32:55matthew.mund...@greenbone.net wrote on 09.11.2015 
15:47:39:

> From: > To: Helmut Koers , > Cc: Chris , openvas-disc
u...@wald.intevation.org>
 Date: 09.11.2015 15:48> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: matthe
w.mund...@greenbone.net> 
> > Where would I need to apply the update? I have not changed the file 
names
> > of the certificates, so my question is, is it a link to the 
certificate
> > files or will the content of the certificate files be imported into 
the
> > database?
> 
> The contents of the certificate files is stored in the database.  The 
links
> are not stored.
> 
> If the certificate changes then anything in the database that uses them
> must change too.
> 
> --
> Greenbone Networks GmbH
> Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
> Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[matthew.mundell]

> Where would I need to apply the update? I have not changed the file names
> of the certificates, so my question is, is it a link to the certificate
> files or will the content of the certificate files be imported into the
> database?

The contents of the certificate files is stored in the database.  The links
are not stored.

If the certificate changes then anything in the database that uses them
must change too.

--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

What I actually do not understand is, why is it working with the 
certificates that are created during OpenVAS set up, but not with the ones 
being created afterwards, using the same tools and versions of it? Can 
that be related to any versions?



From:   Chris <fisch@gmx.de>
To: openvas-discuss@wald.intevation.org, 
Date:   09.11.2015 13:17
Subject:    Re: [Openvas-discuss] Service temporarily down
Sent by:"Openvas-discuss" 
<openvas-discuss-boun...@wald.intevation.org>



> Usually problem might be related to some incorrect library versions.
 
Might be related to one of those reports:

https://wald.intevation.org/tracker/index.php?func=detail=6572_id=29=220

http://comments.gmane.org/gmane.comp.security.openvas.users/6208
https://bugs.gentoo.org/show_bug.cgi?id=525640
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
09.11.201512:56:56

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

Right, unfortunately it is still not working..


09.11.201515:05:33eero.t.voloti...@gmail.com wrote on 09.11.2015 
15:05:33:

> From: Eero Volotinen 
<eero.voloti...@iki.fi>> To: Helmut Koers , > Cc: Chris <fisch@gmx.de>, openvas-disc
u...@wald.intevation.org>
 Date: 09.11.2015 15:13> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: eer
o.t.voloti...@gmail.com> 
>
 And s
till not working?> Eero> 9.11.2015 3.18 ip. "Helmut Koers" <HKoers@de.h
ellmann.net> kirjoitti:> No, I didn't. I did a clean Debian/OpenVAS 
install just to test that
> issue, I have updated the certificates right after I have installed and
> tested OpenVAS  to check if issue is still there, with no additional
> installations or upgrades.
> 
> 
> 09.11.201514:03:40eero.t.voloti...@gmail.com wrote on 09.11.2015
> 14:03:40:
> 
> > From: Eero Volotinen
> <eero.voloti...@iki.fi>> To: Helmut Koers  o...@de.hellmann.net>, > Cc: Chris <fisch@gmx.de>,
> "openvas-discuss@wald.intevation.org"
> >  s...@wald.intevation.org>>
>  Date: 09.11.2015 14:03> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Well, did you upgrade some
>  packages like gnutls?
> > This might be related to software upgr
> ade, no
> t cert
> ificates..>
> > --> Eero>
> > 2015-11-09 15:00 GMT+02:00 Helmut Koers  ko...@de.hellmann.net>:> What I actually do not understand is, why is it
> working with the
> > certificates that are created during OpenVAS set up, but not with the
> ones
> > being created afterwards, using the same tools and versions of it? Can
> > that be related to any versions?
> >
> >
> >
> > From:   Chris <fisch@gmx.de>
> > To: openvas-discuss@wald.intevation.org,
> > Date:   09.11.2015 13:17
> > Subject:Re: [Openvas-discuss] Service temporarily down
> > Sent by:"Openvas-discuss"
> > <openvas-discuss-bounces@w
> ald.intevation.org>
> >
> >
> > > Usually problem might be related to some incorrect library versions.
> >
> > Might be related to one of those reports:
> >
> > https://wald.intevation.org/tracker/index.php?
> > func=detail=6572_id=29=220
> >
> > http://comments.gmane.org/gmane.comp.security.openvas.users/6208
> > https://bugs.gentoo.org/show_bug.cgi?id=525640
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> > https://lists.wald.intevation.org/cgi-bin/mailman/l
> istinfo/openvas-discuss>
>  09.11.201512:56:56>
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> >
> 
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

Where would I need to apply the update? I have not changed the file names 
of the certificates, so my question is, is it a link to the certificate 
files or will the content of the certificate files be imported into the 
database?


09.11.201515:30:11matthew.mund...@greenbone.net wrote on 09.11.2015 
14:05:32:

> From: > To: Helmut Koers , > Cc: Chris , openvas-disc
u...@wald.intevation.org>
 Date: 09.11.2015 14:06> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: matthe
w.mund...@greenbone.net> 
> > What I actually do not understand is, why is it working with the
> > certificates that are created during OpenVAS set up, but not with the 
ones
> > being created afterwards, using the same tools and versions of it? Can
> > that be related to any versions?
> 
> Have you updated Manager's record of the certificates used for that
> scanner?
> 
> Something like:
> LD_LIBRARY_PATH=/home/mattm/alts/openvas8/lib/ ~/alts/openvas8/sbin/
> openvasmd --modify-scanner 08b69003-5fc2-4037-a479-93b440211c73 --
> scanner-port  --scanner-ca-pub ~/alts/openvas8/var/lib/openvas/
> CA/cacert.pem --scanner-key-pub ~/alts/openvas8/var/lib/openvas/CA/
> servercert.pem --scanner-key-priv ~/alts/openvas8/var/lib/openvas/
> private/CA/serverkey.pem
> 
> --
> Greenbone Networks GmbH
> Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
> Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Chris]

> Usually problem might be related to some incorrect library versions.
 
Might be related to one of those reports:

https://wald.intevation.org/tracker/index.php?func=detail=6572_id=29=220
http://comments.gmane.org/gmane.comp.security.openvas.users/6208
https://bugs.gentoo.org/show_bug.cgi?id=525640
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

Well, did you upgrade some packages like gnutls?

This might be related to software upgrade, not certificates..

--
Eero

2015-11-09 15:00 GMT+02:00 Helmut Koers <hko...@de.hellmann.net>:

> What I actually do not understand is, why is it working with the
> certificates that are created during OpenVAS set up, but not with the ones
> being created afterwards, using the same tools and versions of it? Can
> that be related to any versions?
>
>
>
> From:   Chris <fisch@gmx.de>
> To: openvas-discuss@wald.intevation.org,
> Date:   09.11.2015 13:17
> Subject:    Re: [Openvas-discuss] Service temporarily down
> Sent by:"Openvas-discuss"
> <openvas-discuss-boun...@wald.intevation.org>
>
>
>
> > Usually problem might be related to some incorrect library versions.
>
> Might be related to one of those reports:
>
>
> https://wald.intevation.org/tracker/index.php?func=detail=6572_id=29=220
>
> http://comments.gmane.org/gmane.comp.security.openvas.users/6208
> https://bugs.gentoo.org/show_bug.cgi?id=525640
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
> 09.11.201512:56:56
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

And still not working?

Eero
9.11.2015 3.18 ip. "Helmut Koers" <hko...@de.hellmann.net> kirjoitti:

> No, I didn't. I did a clean Debian/OpenVAS install just to test that
> issue, I have updated the certificates right after I have installed and
> tested OpenVAS  to check if issue is still there, with no additional
> installations or upgrades.
>
>
> 09.11.201514:03:40eero.t.voloti...@gmail.com wrote on 09.11.2015
> 14:03:40:
>
> > From: Eero Volotinen
> <eero.voloti...@iki.fi>> To: Helmut Koers  o...@de.hellmann.net>, > Cc: Chris <fisch@gmx.de>,
> "openvas-discuss@wald.intevation.org"
> >  s...@wald.intevation.org>>
>  Date: 09.11.2015 14:03> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Well, did you upgrade some
>  packages like gnutls?
> > This might be related to software upgr
> ade, no
> t cert
> ificates..>
> > --> Eero>
> > 2015-11-09 15:00 GMT+02:00 Helmut Koers  ko...@de.hellmann.net>:> What I actually do not understand is, why is it
> working with the
> > certificates that are created during OpenVAS set up, but not with the
> ones
> > being created afterwards, using the same tools and versions of it? Can
> > that be related to any versions?
> >
> >
> >
> > From:   Chris <fisch@gmx.de>
> > To: openvas-discuss@wald.intevation.org,
> > Date:   09.11.2015 13:17
> > Subject:Re: [Openvas-discuss] Service temporarily down
> > Sent by:"Openvas-discuss"
> > <openvas-discuss-bounces@w
> ald.intevation.org>
> >
> >
> > > Usually problem might be related to some incorrect library versions.
> >
> > Might be related to one of those reports:
> >
> > https://wald.intevation.org/tracker/index.php?
> > func=detail=6572_id=29=220
> >
> > http://comments.gmane.org/gmane.comp.security.openvas.users/6208
> > https://bugs.gentoo.org/show_bug.cgi?id=525640
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> > https://lists.wald.intevation.org/cgi-bin/mailman/l
> istinfo/openvas-discuss>
>  09.11.201512:56:56>
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> >
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

No, I didn't. I did a clean Debian/OpenVAS install just to test that 
issue, I have updated the certificates right after I have installed and 
tested OpenVAS  to check if issue is still there, with no additional 
installations or upgrades.


09.11.201514:03:40eero.t.voloti...@gmail.com wrote on 09.11.2015 
14:03:40:

> From: Eero Volotinen 
<eero.voloti...@iki.fi>> To: Helmut Koers , > Cc: Chris <fisch@gmx.de>, 
"openvas-discuss@wald.intevation.org" 
> >
 Date: 09.11.2015 14:03> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: eer
o.t.voloti...@gmail.com> 
> Well, did you upgrade some
 packages like gnutls?
> This might be related to software upgr
ade, no
t cert
ificates..> 
> --> Eero> 
> 2015-11-09 15:00 GMT+02:00 Helmut Koers :> What I actually do not understand is, why is it 
working with the
> certificates that are created during OpenVAS set up, but not with the 
ones
> being created afterwards, using the same tools and versions of it? Can
> that be related to any versions?
> 
> 
> 
> From:   Chris <fisch@gmx.de>
> To: openvas-discuss@wald.intevation.org,
> Date:   09.11.2015 13:17
> Subject:Re: [Openvas-discuss] Service temporarily down
> Sent by:"Openvas-discuss"
> <openvas-discuss-bounces@w
ald.intevation.org>
> 
> 
> > Usually problem might be related to some incorrect library versions.
> 
> Might be related to one of those reports:
> 
> https://wald.intevation.org/tracker/index.php?
> func=detail=6572_id=29=220
> 
> http://comments.gmane.org/gmane.comp.security.openvas.users/6208
> https://bugs.gentoo.org/show_bug.cgi?id=525640
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/l
istinfo/openvas-discuss>
 09.11.201512:56:56> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> 
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

So, You did clean install of debian and then installed openvas8 on top of
it?

Then it sounds like library version issue. This is a bit hard to debug.
Could you use OpenVAS8 on Centos 7?

It's easy way to fix this issue :)

--
Eero

2015-11-09 16:34 GMT+02:00 Helmut Koers <hko...@de.hellmann.net>:

> Right, unfortunately it is still not working..
>
>
> 09.11.201515:05:33eero.t.voloti...@gmail.com wrote on 09.11.2015
> 15:05:33:
>
> > From: Eero Volotinen
> <eero.voloti...@iki.fi>> To: Helmut Koers  o...@de.hellmann.net>, > Cc: Chris <fisch@gmx.de>, openvas-disc
> u...@wald.intevation.org>
>  Date: 09.11.2015 15:13> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> >
>  And s
> till not working?> Eero> 9.11.2015 3.18 ip. "Helmut Koers" <HKoers@de.h
> ellmann.net> kirjoitti:> No, I didn't. I did a clean Debian/OpenVAS
> install just to test that
> > issue, I have updated the certificates right after I have installed and
> > tested OpenVAS  to check if issue is still there, with no additional
> > installations or upgrades.
> >
> >
> > 09.11.201514:03:40eero.t.voloti...@gmail.com wrote on 09.11.2015
> > 14:03:40:
> >
> > > From: Eero Volotinen
> > <eero.voloti...@iki.fi>> To: Helmut Koers  > o...@de.hellmann.net>, > Cc: Chris <fisch@gmx.de>,
> > "openvas-discuss@wald.intevation.org"
> > >  > s...@wald.intevation.org>>
> >  Date: 09.11.2015 14:03> Subject: Re: [Openvas-discuss] S
> > ervice temporarily down> Sent by: eer
> > o.t.voloti...@gmail.com>
> > > Well, did you upgrade some
> >  packages like gnutls?
> > > This might be related to software upgr
> > ade, no
> > t cert
> > ificates..>
> > > --> Eero>
> > > 2015-11-09 15:00 GMT+02:00 Helmut Koers  > ko...@de.hellmann.net>:> What I actually do not understand is, why is it
> > working with the
> > > certificates that are created during OpenVAS set up, but not with the
> > ones
> > > being created afterwards, using the same tools and versions of it? Can
> > > that be related to any versions?
> > >
> > >
> > >
> > > From:   Chris <fisch@gmx.de>
> > > To: openvas-discuss@wald.intevation.org,
> > > Date:   09.11.2015 13:17
> > > Subject:Re: [Openvas-discuss] Service temporarily down
> > > Sent by:"Openvas-discuss"
> > > <openvas-discuss-bounces@w
> > ald.intevation.org>
> > >
> > >
> > > > Usually problem might be related to some incorrect library versions.
> > >
> > > Might be related to one of those reports:
> > >
> > > https://wald.intevation.org/tracker/index.php?
> > > func=detail=6572_id=29=220
> > >
> > > http://comments.gmane.org/gmane.comp.security.openvas.users/6208
> > > https://bugs.gentoo.org/show_bug.cgi?id=525640
> > > ___
> > > Openvas-discuss mailing list
> > > Openvas-discuss@wald.intevation.org
> > > https://lists.wald.intevation.org/cgi-bin/mailman/l
> > istinfo/openvas-discuss>
> >  09.11.201512:56:56>
> > > ___
> > > Openvas-discuss mailing list
> > > Openvas-discuss@wald.intevation.org
> > >
> >
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Reindl Harald]

Am 09.11.2015 um 15:47 schrieb matthew.mund...@greenbone.net:

Where would I need to apply the update? I have not changed the file names
of the certificates, so my question is, is it a link to the certificate
files or will the content of the certificate files be imported into the
database?


The contents of the certificate files is stored in the database.  The links
are not stored.

If the certificate changes then anything in the database that uses them
must change too.


may i ask why we now store certificates in databases?

that makes it so much harder to handle for users, forget you self-sigend 
commands, just consider CA signed certificates which needs to rotate 
regulary


sorry but i don't know any other software which does anything else then 
use the certificate files from a configuration and that's it




signature.asc
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

So that seems to be related to Debian? May it have something to do with 
the fact that OpenVAS did no find any vulnerabilities in regards to 
certificates anymore, without applying any custom load commands?


09.11.201509:43:42eero.t.voloti...@gmail.com wrote on 09.11.2015 
09:43:42:

> From: Eero Volotinen 
> To: Helmut Koers , > Cc: "openvas-discuss@wald.intevation.org" 
 discu
s...@wald.intevation.org>>
 Date: 09.11.2015 09:43> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: eer
o.t.voloti...@gmail.com> 
> Well, works fine for me. I am using Centos
 7 and latest OpenVAS8.> 
> Maybe you should al
so try 
with C
entos 7 :)> 
> --> Eero> 
> 2015-11-09 9:55 GMT+02:00 Helmut Koers :> Yes, system clock is on correct time.
> 
> I even tried to copy certificates from a fresh/working installation to 
an
> updated/not working one and ran into the same issues. May there be a 
link
> to the certificates anywhere, that need to be updated?
> 
> 
> 08.11.201518:06:42eero.t.voloti...@gmail.com wrote on 08.11.2015
> 18:06:42:
> 
> > From: Eero Volotinen
> > To: Helmut Koers  o...@de.hellmann.net>, > Cc: "openvas-discuss@wald.intevation.org"
>  > discu
> s...@wald.intevation.org>>
>  Date: 08.11.2015 18:06> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Is the system clock o
> n corr
> ect time?
> >
> > --> Eero>
> > 2015-11-08 20:02 GMT+03:00 Helmut Koers  ko...@de.hellmann.net>:> It loads the certificates
 exactly from the place> I looked at, as you can
> > see below.
> >
> > open("/var/lib/openvas/private/CA/serverkey.pem", O_RDONLY) = 5
> > open("/var/lib/openvas/CA/servercert.pem", O_RDONLY) = 5
> > open("/var/lib/openvas/CA/cacert.pem", O_RDONLY) = 5
> >
> > I did a clean installation of Debian Jessie and OpenVAS8 using latest
> > install media, and am having the same issues after renewing 
certificates
> > as mentioned before.
> >
> >
> > 06.11.201516:53:54eero.t.voloti...@gmail.com wrote on 06.11.2015
> > 16:53:54:
> >
> > > From: Eero Volotinen
> > > To: Helmut Koers  > o...@de.hellmann.net>, > Cc: openvas-disc
> > u...@wald.intevation.org>
> >  Date: 06.11.2015 16:53> Subject: Re: [Openvas-discuss] S
> > ervice temporarily down> Sent by: eer
> > o
> .t.voloti...@gmail.com>> > Well, you could start openvasmd under strace
> like this strace -f -e
> > > open openvasmd and look wher
> > e it open certificates.> Maybe you are l
> > ooking
> >  in wrong place..> Eero> 6.11.2015 3.51 ip. "Helmut Koers" 
 > ellmann.net> kirjoitti:> Yes, I have tried both, deleting client, 
server
> > and ca certs as well as
> > > cert and keys (.../var/lib/openvas/CA/ und
> > > .../var/lib/openvas/private/CA/), which then have been newly 
created.
> > I've
> > > tried it several time, but here was not difference, I am am still
> seeing
> > > the error message and am not able to execute a scan.
> > >
> > >
> > > 06.11.201513:29:56eero.t.voloti...@gmail.com wrote on 06.11.2015
> > > 13:29:56:
> > >
> > > > From: Eero Volotinen
> > > > To: Helmut Koers  > > o...@de.hellmann.net>, > Cc: openvas-disc
> > > u...@wald.intevation.org>
> > >  Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S
> > > ervice temporarily down> Sent by: eer
> > > o.t.voloti...@gmail.com>
> > > > Well, did you really deleted server ca
> > > , cert
> > >  and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers"
>  > > ellmann.net> kirjoitti:> Unfortunately, that did not solve the 
issue,
> > same
> > > error in GSAD than
> > > > before.
> > > >
> > > > Not sure if I got the right error message in openvasmd.log before,
> now
> > I
> > > > see the following:
> > > >
> > > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977:
> openvas_server_verify:
> > > the
> > > > certificate is not trusted
> > > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977:
> openvas_server_verify:
> > > the
> > > > certificate hasn't got a known issuer
> > > > event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task
> > > > c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by 
ovadmin
> > > >
> > > > I repeated the actions I have been received, but no change.
> > > >
> > > >
> > > > 06.11.201510:59:20eero.t.voloti...@gmail.com wrote on 
06.11.2015
> > > > 10:59:20:
> > > >
> > > > > From: Eero Volotinen
> > > > > To: Helmut Koers  > > > o...@de.hellmann.net>, > Cc: openvas-disc
> > > > u...@wald.intevation.org>
> > > >  Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S
> > > > ervice temporarily down> Sent by: eer
> > > > o.t.voloti...@gmail.com>
> > > > > Try to delete old ca and certs and then regener
> > > > ate &
> > > > restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers"
> >  > > > ellmann.net> kirjoitti:> Hi all,
> > > > > after renewing OpenVAS certificates as requested:
> > > > >
> > > > > openvas-mkcert -f -q
> > 

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

Well, that might be related to Debian or something else. As I don't use
Debian as my primary platform, it's a bit complex to say :) Atomic Corp
provides working openvas8 rpm-packages  and they work fine. Is there really
recent debian packages for openvas8 or it is source installation only?

Usually problem might be related to some incorrect library versions.

--
Eero

2015-11-09 13:21 GMT+02:00 Helmut Koers :

> So that seems to be related to Debian? May it have something to do with
> the fact that OpenVAS did no find any vulnerabilities in regards to
> certificates anymore, without applying any custom load commands?
>
>
> 09.11.201509:43:42eero.t.voloti...@gmail.com wrote on 09.11.2015
> 09:43:42:
>
> > From: Eero Volotinen
> > To: Helmut Koers  o...@de.hellmann.net>, > Cc: "openvas-discuss@wald.intevation.org"
>  > discu
> s...@wald.intevation.org>>
>  Date: 09.11.2015 09:43> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Well, works fine for me. I am using Centos
>  7 and latest OpenVAS8.>
> > Maybe you should al
> so try
> with C
> entos 7 :)>
> > --> Eero>
> > 2015-11-09 9:55 GMT+02:00 Helmut Koers  ko...@de.hellmann.net>:> Yes, system clock is on correct time.
> >
> > I even tried to copy certificates from a fresh/working installation to
> an
> > updated/not working one and ran into the same issues. May there be a
> link
> > to the certificates anywhere, that need to be updated?
> >
> >
> > 08.11.201518:06:42eero.t.voloti...@gmail.com wrote on 08.11.2015
> > 18:06:42:
> >
> > > From: Eero Volotinen
> > > To: Helmut Koers  > o...@de.hellmann.net>, > Cc: "openvas-discuss@wald.intevation.org"
> >  > > discu
> > s...@wald.intevation.org>>
> >  Date: 08.11.2015 18:06> Subject: Re: [Openvas-discuss] S
> > ervice temporarily down> Sent by: eer
> > o.t.voloti...@gmail.com>
> > > Is the system clock o
> > n corr
> > ect time?
> > >
> > > --> Eero>
> > > 2015-11-08 20:02 GMT+03:00 Helmut Koers  > ko...@de.hellmann.net>:> It loads the certificates
>  exactly from the place> I looked at, as you can
> > > see below.
> > >
> > > open("/var/lib/openvas/private/CA/serverkey.pem", O_RDONLY) = 5
> > > open("/var/lib/openvas/CA/servercert.pem", O_RDONLY) = 5
> > > open("/var/lib/openvas/CA/cacert.pem", O_RDONLY) = 5
> > >
> > > I did a clean installation of Debian Jessie and OpenVAS8 using latest
> > > install media, and am having the same issues after renewing
> certificates
> > > as mentioned before.
> > >
> > >
> > > 06.11.201516:53:54eero.t.voloti...@gmail.com wrote on 06.11.2015
> > > 16:53:54:
> > >
> > > > From: Eero Volotinen
> > > > To: Helmut Koers  > > o...@de.hellmann.net>, > Cc: openvas-disc
> > > u...@wald.intevation.org>
> > >  Date: 06.11.2015 16:53> Subject: Re: [Openvas-discuss] S
> > > ervice temporarily down> Sent by: eer
> > > o
> > .t.voloti...@gmail.com>> > Well, you could start openvasmd under strace
> > like this strace -f -e
> > > > open openvasmd and look wher
> > > e it open certificates.> Maybe you are l
> > > ooking
> > >  in wrong place..> Eero> 6.11.2015 3.51 ip. "Helmut Koers"
>  > > ellmann.net> kirjoitti:> Yes, I have tried both, deleting client,
> server
> > > and ca certs as well as
> > > > cert and keys (.../var/lib/openvas/CA/ und
> > > > .../var/lib/openvas/private/CA/), which then have been newly
> created.
> > > I've
> > > > tried it several time, but here was not difference, I am am still
> > seeing
> > > > the error message and am not able to execute a scan.
> > > >
> > > >
> > > > 06.11.201513:29:56eero.t.voloti...@gmail.com wrote on 06.11.2015
> > > > 13:29:56:
> > > >
> > > > > From: Eero Volotinen
> > > > > To: Helmut Koers  > > > o...@de.hellmann.net>, > Cc: openvas-disc
> > > > u...@wald.intevation.org>
> > > >  Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S
> > > > ervice temporarily down> Sent by: eer
> > > > o.t.voloti...@gmail.com>
> > > > > Well, did you really deleted server ca
> > > > , cert
> > > >  and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers"
> >  > > > ellmann.net> kirjoitti:> Unfortunately, that did not solve the
> issue,
> > > same
> > > > error in GSAD than
> > > > > before.
> > > > >
> > > > > Not sure if I got the right error message in openvasmd.log before,
> > now
> > > I
> > > > > see the following:
> > > > >
> > > > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977:
> > openvas_server_verify:
> > > > the
> > > > > certificate is not trusted
> > > > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977:
> > openvas_server_verify:
> > > > the
> > > > > certificate hasn't got a known issuer
> > > > > event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task
> > > > > c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by
> ovadmin
> > > > >
> > > > > I repeated the actions I have been received, but no change.
> > > > >
> 

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

Well, works fine for me. I am using Centos 7 and latest OpenVAS8.

Maybe you should also try with Centos 7 :)

--
Eero

2015-11-09 9:55 GMT+02:00 Helmut Koers :

> Yes, system clock is on correct time.
>
> I even tried to copy certificates from a fresh/working installation to an
> updated/not working one and ran into the same issues. May there be a link
> to the certificates anywhere, that need to be updated?
>
>
> 08.11.201518:06:42eero.t.voloti...@gmail.com wrote on 08.11.2015
> 18:06:42:
>
> > From: Eero Volotinen
> > To: Helmut Koers  o...@de.hellmann.net>, > Cc: "openvas-discuss@wald.intevation.org"
>  > discu
> s...@wald.intevation.org>>
>  Date: 08.11.2015 18:06> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Is the system clock o
> n corr
> ect time?
> >
> > --> Eero>
> > 2015-11-08 20:02 GMT+03:00 Helmut Koers  ko...@de.hellmann.net>:> It loads the certificates exactly from the place
> I looked at, as you can
> > see below.
> >
> > open("/var/lib/openvas/private/CA/serverkey.pem", O_RDONLY) = 5
> > open("/var/lib/openvas/CA/servercert.pem", O_RDONLY) = 5
> > open("/var/lib/openvas/CA/cacert.pem", O_RDONLY) = 5
> >
> > I did a clean installation of Debian Jessie and OpenVAS8 using latest
> > install media, and am having the same issues after renewing certificates
> > as mentioned before.
> >
> >
> > 06.11.201516:53:54eero.t.voloti...@gmail.com wrote on 06.11.2015
> > 16:53:54:
> >
> > > From: Eero Volotinen
> > > To: Helmut Koers  > o...@de.hellmann.net>, > Cc: openvas-disc
> > u...@wald.intevation.org>
> >  Date: 06.11.2015 16:53> Subject: Re: [Openvas-discuss] S
> > ervice temporarily down> Sent by: eer
> > o
> .t.voloti...@gmail.com>> > Well, you could start openvasmd under strace
> like this strace -f -e
> > > open openvasmd and look wher
> > e it open certificates.> Maybe you are l
> > ooking
> >  in wrong place..> Eero> 6.11.2015 3.51 ip. "Helmut Koers"  > ellmann.net> kirjoitti:> Yes, I have tried both, deleting client, server
> > and ca certs as well as
> > > cert and keys (.../var/lib/openvas/CA/ und
> > > .../var/lib/openvas/private/CA/), which then have been newly created.
> > I've
> > > tried it several time, but here was not difference, I am am still
> seeing
> > > the error message and am not able to execute a scan.
> > >
> > >
> > > 06.11.201513:29:56eero.t.voloti...@gmail.com wrote on 06.11.2015
> > > 13:29:56:
> > >
> > > > From: Eero Volotinen
> > > > To: Helmut Koers  > > o...@de.hellmann.net>, > Cc: openvas-disc
> > > u...@wald.intevation.org>
> > >  Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S
> > > ervice temporarily down> Sent by: eer
> > > o.t.voloti...@gmail.com>
> > > > Well, did you really deleted server ca
> > > , cert
> > >  and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers"
>  > > ellmann.net> kirjoitti:> Unfortunately, that did not solve the issue,
> > same
> > > error in GSAD than
> > > > before.
> > > >
> > > > Not sure if I got the right error message in openvasmd.log before,
> now
> > I
> > > > see the following:
> > > >
> > > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977:
> openvas_server_verify:
> > > the
> > > > certificate is not trusted
> > > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977:
> openvas_server_verify:
> > > the
> > > > certificate hasn't got a known issuer
> > > > event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task
> > > > c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by ovadmin
> > > >
> > > > I repeated the actions I have been received, but no change.
> > > >
> > > >
> > > > 06.11.201510:59:20eero.t.voloti...@gmail.com wrote on 06.11.2015
> > > > 10:59:20:
> > > >
> > > > > From: Eero Volotinen
> > > > > To: Helmut Koers  > > > o...@de.hellmann.net>, > Cc: openvas-disc
> > > > u...@wald.intevation.org>
> > > >  Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S
> > > > ervice temporarily down> Sent by: eer
> > > > o.t.voloti...@gmail.com>
> > > > > Try to delete old ca and certs and then regener
> > > > ate &
> > > > restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers"
> >  > > > ellmann.net> kirjoitti:> Hi all,
> > > > > after renewing OpenVAS certificates as requested:
> > > > >
> > > > > openvas-mkcert -f -q
> > > > > openvas-mkcert-client -n -i
> > > > >
> > > > > and reooting the entire system, I can't run a scan anymore getting
> > an
> > > > > error message in GSAD saying:
> > > > >
> > > > > Operation:  Start Task
> > > > > Status code:503
> > > > > Status message: Service temporarily down
> > > > >
> > > > > The openvasmd.log shows the following:
> > > > >
> > > > > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake
> hands
> > > > with
> > > > > peer: The TLS connection was non-properly terminated.
> > > > > lib  

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

Is the system clock on correct time?

--
Eero

2015-11-08 20:02 GMT+03:00 Helmut Koers :

> It loads the certificates exactly from the place I looked at, as you can
> see below.
>
> open("/var/lib/openvas/private/CA/serverkey.pem", O_RDONLY) = 5
> open("/var/lib/openvas/CA/servercert.pem", O_RDONLY) = 5
> open("/var/lib/openvas/CA/cacert.pem", O_RDONLY) = 5
>
> I did a clean installation of Debian Jessie and OpenVAS8 using latest
> install media, and am having the same issues after renewing certificates
> as mentioned before.
>
>
> 06.11.201516:53:54eero.t.voloti...@gmail.com wrote on 06.11.2015
> 16:53:54:
>
> > From: Eero Volotinen
> > To: Helmut Koers  o...@de.hellmann.net>, > Cc: openvas-disc
> u...@wald.intevation.org>
>  Date: 06.11.2015 16:53> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Well, you could start openvasmd under strace like this strace -f -e
> > open openvasmd and look wher
> e it open certificates.> Maybe you are l
> ooking
>  in wrong place..> Eero> 6.11.2015 3.51 ip. "Helmut Koers"  ellmann.net> kirjoitti:> Yes, I have tried both, deleting client, server
> and ca certs as well as
> > cert and keys (.../var/lib/openvas/CA/ und
> > .../var/lib/openvas/private/CA/), which then have been newly created.
> I've
> > tried it several time, but here was not difference, I am am still seeing
> > the error message and am not able to execute a scan.
> >
> >
> > 06.11.201513:29:56eero.t.voloti...@gmail.com wrote on 06.11.2015
> > 13:29:56:
> >
> > > From: Eero Volotinen
> > > To: Helmut Koers  > o...@de.hellmann.net>, > Cc: openvas-disc
> > u...@wald.intevation.org>
> >  Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S
> > ervice temporarily down> Sent by: eer
> > o.t.voloti...@gmail.com>
> > > Well, did you really deleted server ca
> > , cert
> >  and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers"  > ellmann.net> kirjoitti:> Unfortunately, that did not solve the issue,
> same
> > error in GSAD than
> > > before.
> > >
> > > Not sure if I got the right error message in openvasmd.log before, now
> I
> > > see the following:
> > >
> > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify:
> > the
> > > certificate is not trusted
> > > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify:
> > the
> > > certificate hasn't got a known issuer
> > > event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task
> > > c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by ovadmin
> > >
> > > I repeated the actions I have been received, but no change.
> > >
> > >
> > > 06.11.201510:59:20eero.t.voloti...@gmail.com wrote on 06.11.2015
> > > 10:59:20:
> > >
> > > > From: Eero Volotinen
> > > > To: Helmut Koers  > > o...@de.hellmann.net>, > Cc: openvas-disc
> > > u...@wald.intevation.org>
> > >  Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S
> > > ervice temporarily down> Sent by: eer
> > > o.t.voloti...@gmail.com>
> > > > Try to delete old ca and certs and then regener
> > > ate &
> > > restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers"
>  > > ellmann.net> kirjoitti:> Hi all,
> > > > after renewing OpenVAS certificates as requested:
> > > >
> > > > openvas-mkcert -f -q
> > > > openvas-mkcert-client -n -i
> > > >
> > > > and reooting the entire system, I can't run a scan anymore getting
> an
> > > > error message in GSAD saying:
> > > >
> > > > Operation:  Start Task
> > > > Status code:503
> > > > Status message: Service temporarily down
> > > >
> > > > The openvasmd.log shows the following:
> > > >
> > > > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands
> > > with
> > > > peer: The TLS connection was non-properly terminated.
> > > > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown
> > server
> > > > socket
> > > > event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task
> > > > 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin
> > > >
> > > > I am running OpenVAS 8 on Debian Jessie.
> > > >
> > > > Any advice is appreciated.
> > > > ___
> > > > Openvas-discuss mailing list
> > > > Openvas-discuss@wald.intevation.org
> > > >
> > >
> >
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

Try to delete old ca and certs and then regenerate & restart services.

Eero
6.11.2015 10.44 ap. "Helmut Koers"  kirjoitti:

> Hi all,
> after renewing OpenVAS certificates as requested:
>
> openvas-mkcert -f -q
> openvas-mkcert-client -n -i
>
> and reooting the entire system, I can't run a scan anymore getting an
> error message in GSAD saying:
>
> Operation:  Start Task
> Status code:503
> Status message: Service temporarily down
>
> The openvasmd.log shows the following:
>
> lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands with
> peer: The TLS connection was non-properly terminated.
> lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown server
> socket
> event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task
> 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin
>
> I am running OpenVAS 8 on Debian Jessie.
>
> Any advice is appreciated.
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

I have not changed the certificates, but just renewed the standard ones. 
Thus the certificate files, that are mentioned in the tasks, stayed the 
same as before.

Nevertheless I have executed the tasks described under the link with no 
success.

Is there anything else I can do to get the issue solved?


06.11.201510:54:40"Openvas-discuss" 
 wrote on 06.11.2015 
10:54:40:

> From: Michael Meyer > To: openvas-discus
s...@wald.intevation.org, >
 Date: 06.11.2015 10:54> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: "Openvas-discuss" > 
> *** Helmut Koers wrote:
> 
> > after renewing OpenVAS certificates as requested:
> > 
> > openvas-mkcert -f -q
> > openvas-mkcert-client -n -i
> > 
> > and reooting the entire system, I can't run a scan anymore getting an 
> > error message in GSAD saying:
> > 
> > Operation:  Start Task
> > Status code:503
> > Status message: Service temporarily down
> 
> 
https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/INSTALL 
->
> "Updating Scanner Certificates".
> 
> HTH
> 
> Micha
> 
> -- 
> Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6 
> http://www.greenbone.net/
> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
> Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> 
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Service temporarily down

[Helmut Koers]

Hi all,
after renewing OpenVAS certificates as requested:

openvas-mkcert -f -q
openvas-mkcert-client -n -i

and reooting the entire system, I can't run a scan anymore getting an 
error message in GSAD saying:

Operation:  Start Task
Status code:503
Status message: Service temporarily down

The openvasmd.log shows the following:

lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands with 
peer: The TLS connection was non-properly terminated.
lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown server 
socket
event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task 
2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin

I am running OpenVAS 8 on Debian Jessie.

Any advice is appreciated.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Michael Meyer]

*** Helmut Koers wrote:

> after renewing OpenVAS certificates as requested:
> 
> openvas-mkcert -f -q
> openvas-mkcert-client -n -i
> 
> and reooting the entire system, I can't run a scan anymore getting an 
> error message in GSAD saying:
> 
> Operation:  Start Task
> Status code:503
> Status message: Service temporarily down

https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/INSTALL ->
"Updating Scanner Certificates".

HTH

Micha

-- 
Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6 
http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

Unfortunately, that did not solve the issue, same error in GSAD than 
before.

Not sure if I got the right error message in openvasmd.log before, now I 
see the following:

lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: the 
certificate is not trusted
lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: the 
certificate hasn't got a known issuer
event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task 
c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by ovadmin

I repeated the actions I have been received, but no change.


06.11.201510:59:20eero.t.voloti...@gmail.com wrote on 06.11.2015 
10:59:20:

> From: Eero Volotinen 
> To: Helmut Koers , > Cc: openvas-disc
u...@wald.intevation.org>
 Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: eer
o.t.voloti...@gmail.com> 
> Try to delete old ca and certs and then regener
ate & 
restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers"  kirjoitti:> Hi all,
> after renewing OpenVAS certificates as requested:
> 
> openvas-mkcert -f -q
> openvas-mkcert-client -n -i
> 
> and reooting the entire system, I can't run a scan anymore getting an
> error message in GSAD saying:
> 
> Operation:  Start Task
> Status code:503
> Status message: Service temporarily down
> 
> The openvasmd.log shows the following:
> 
> lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands 
with
> peer: The TLS connection was non-properly terminated.
> lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown server
> socket
> event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task
> 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin
> 
> I am running OpenVAS 8 on Debian Jessie.
> 
> Any advice is appreciated.
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> 
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Rene Behring]

Morning,

i think i had a similar problem but not exactly yours. What i had to do was to 
update the certificate for the user „om“. Right now i can’t look what the exact 
problem was but the solution was:
openvas-mkcert-client -n om -i

Regards
Rene

> Am 06.11.2015 um 11:36 schrieb Helmut Koers :
> 
> I have not changed the certificates, but just renewed the standard ones. 
> Thus the certificate files, that are mentioned in the tasks, stayed the 
> same as before.
> 
> Nevertheless I have executed the tasks described under the link with no 
> success.
> 
> Is there anything else I can do to get the issue solved?
> 
> 
> 06.11.201510:54:40"Openvas-discuss" 
>  wrote on 06.11.2015 
> 10:54:40:
> 
>> From: Michael Meyer  el.me...@greenbone.net>> To: openvas-discus
> s...@wald.intevation.org, >
> Date: 06.11.2015 10:54> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: "Openvas-discuss"  e...@wald.intevation.org>> 
>> *** Helmut Koers wrote:
>> 
>>> after renewing OpenVAS certificates as requested:
>>> 
>>> openvas-mkcert -f -q
>>> openvas-mkcert-client -n -i
>>> 
>>> and reooting the entire system, I can't run a scan anymore getting an 
>>> error message in GSAD saying:
>>> 
>>> Operation:  Start Task
>>> Status code:503
>>> Status message: Service temporarily down
>> 
>> 
> https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/INSTALL 
> ->
>> "Updating Scanner Certificates".
>> 
>> HTH
>> 
>> Micha
>> 
>> -- 
>> Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6 
>> http://www.greenbone.net/
>> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
>> Osnabrück, HR B 202460
>> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
>> ___
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>> 
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Helmut Koers]

Yes, I have tried both, deleting client, server and ca certs as well as 
cert and keys (.../var/lib/openvas/CA/ und 
.../var/lib/openvas/private/CA/), which then have been newly created. I've 
tried it several time, but here was not difference, I am am still seeing 
the error message and am not able to execute a scan.


06.11.201513:29:56eero.t.voloti...@gmail.com wrote on 06.11.2015 
13:29:56:

> From: Eero Volotinen 
> To: Helmut Koers , > Cc: openvas-disc
u...@wald.intevation.org>
 Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S
ervice temporarily down> Sent by: eer
o.t.voloti...@gmail.com> 
> Well, did you really deleted server ca
, cert
 and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers"  kirjoitti:> Unfortunately, that did not solve the issue, same 
error in GSAD than
> before.
> 
> Not sure if I got the right error message in openvasmd.log before, now I
> see the following:
> 
> lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: 
the
> certificate is not trusted
> lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: 
the
> certificate hasn't got a known issuer
> event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task
> c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by ovadmin
> 
> I repeated the actions I have been received, but no change.
> 
> 
> 06.11.201510:59:20eero.t.voloti...@gmail.com wrote on 06.11.2015
> 10:59:20:
> 
> > From: Eero Volotinen
> > To: Helmut Koers  o...@de.hellmann.net>, > Cc: openvas-disc
> u...@wald.intevation.org>
>  Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Try to delete old ca and certs and then regener
> ate &
> restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers"  ellmann.net> kirjoitti:> Hi all,
> > after renewing OpenVAS certificates as requested:
> >
> > openvas-mkcert -f -q
> > openvas-mkcert-client -n -i
> >
> > and reooting the entire system, I can't run a scan anymore getting an
> > error message in GSAD saying:
> >
> > Operation:  Start Task
> > Status code:503
> > Status message: Service temporarily down
> >
> > The openvasmd.log shows the following:
> >
> > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands
> with
> > peer: The TLS connection was non-properly terminated.
> > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown 
server
> > socket
> > event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task
> > 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin
> >
> > I am running OpenVAS 8 on Debian Jessie.
> >
> > Any advice is appreciated.
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> >
> 
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

Well, you could start openvasmd under strace like this strace -f -e open
openvasmd and look where it open certificates.

Maybe you are looking in wrong place..

Eero
6.11.2015 3.51 ip. "Helmut Koers"  kirjoitti:

> Yes, I have tried both, deleting client, server and ca certs as well as
> cert and keys (.../var/lib/openvas/CA/ und
> .../var/lib/openvas/private/CA/), which then have been newly created. I've
> tried it several time, but here was not difference, I am am still seeing
> the error message and am not able to execute a scan.
>
>
> 06.11.201513:29:56eero.t.voloti...@gmail.com wrote on 06.11.2015
> 13:29:56:
>
> > From: Eero Volotinen
> > To: Helmut Koers  o...@de.hellmann.net>, > Cc: openvas-disc
> u...@wald.intevation.org>
>  Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Well, did you really deleted server ca
> , cert
>  and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers"  ellmann.net> kirjoitti:> Unfortunately, that did not solve the issue, same
> error in GSAD than
> > before.
> >
> > Not sure if I got the right error message in openvasmd.log before, now I
> > see the following:
> >
> > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify:
> the
> > certificate is not trusted
> > lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify:
> the
> > certificate hasn't got a known issuer
> > event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task
> > c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by ovadmin
> >
> > I repeated the actions I have been received, but no change.
> >
> >
> > 06.11.201510:59:20eero.t.voloti...@gmail.com wrote on 06.11.2015
> > 10:59:20:
> >
> > > From: Eero Volotinen
> > > To: Helmut Koers  > o...@de.hellmann.net>, > Cc: openvas-disc
> > u...@wald.intevation.org>
> >  Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S
> > ervice temporarily down> Sent by: eer
> > o.t.voloti...@gmail.com>
> > > Try to delete old ca and certs and then regener
> > ate &
> > restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers"  > ellmann.net> kirjoitti:> Hi all,
> > > after renewing OpenVAS certificates as requested:
> > >
> > > openvas-mkcert -f -q
> > > openvas-mkcert-client -n -i
> > >
> > > and reooting the entire system, I can't run a scan anymore getting an
> > > error message in GSAD saying:
> > >
> > > Operation:  Start Task
> > > Status code:503
> > > Status message: Service temporarily down
> > >
> > > The openvasmd.log shows the following:
> > >
> > > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands
> > with
> > > peer: The TLS connection was non-properly terminated.
> > > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown
> server
> > > socket
> > > event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task
> > > 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin
> > >
> > > I am running OpenVAS 8 on Debian Jessie.
> > >
> > > Any advice is appreciated.
> > > ___
> > > Openvas-discuss mailing list
> > > Openvas-discuss@wald.intevation.org
> > >
> >
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Eero Volotinen]

Well, did you really deleted server ca, cert and client cert?

Eero
6.11.2015 12.57 ip. "Helmut Koers"  kirjoitti:

> Unfortunately, that did not solve the issue, same error in GSAD than
> before.
>
> Not sure if I got the right error message in openvasmd.log before, now I
> see the following:
>
> lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: the
> certificate is not trusted
> lib  serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: the
> certificate hasn't got a known issuer
> event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task
> c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by ovadmin
>
> I repeated the actions I have been received, but no change.
>
>
> 06.11.201510:59:20eero.t.voloti...@gmail.com wrote on 06.11.2015
> 10:59:20:
>
> > From: Eero Volotinen
> > To: Helmut Koers  o...@de.hellmann.net>, > Cc: openvas-disc
> u...@wald.intevation.org>
>  Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S
> ervice temporarily down> Sent by: eer
> o.t.voloti...@gmail.com>
> > Try to delete old ca and certs and then regener
> ate &
> restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers"  ellmann.net> kirjoitti:> Hi all,
> > after renewing OpenVAS certificates as requested:
> >
> > openvas-mkcert -f -q
> > openvas-mkcert-client -n -i
> >
> > and reooting the entire system, I can't run a scan anymore getting an
> > error message in GSAD saying:
> >
> > Operation:  Start Task
> > Status code:503
> > Status message: Service temporarily down
> >
> > The openvasmd.log shows the following:
> >
> > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands
> with
> > peer: The TLS connection was non-properly terminated.
> > lib  serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown server
> > socket
> > event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task
> > 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin
> >
> > I am running OpenVAS 8 on Debian Jessie.
> >
> > Any advice is appreciated.
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> >
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Peter Collins]

Thanks very much I'll try.

Sent from handheld device
On Mar 5, 2014 4:38 PM, Ryan Schulze r...@dopefish.de wrote:

  Hmm, I haven't seen that one before.

 I don't have a CentOS server here to test with, but off the top of my head
 I'd say it would seem that the manager process is having difficulty
 connecting to the scanner. I'd check if the scanner is running and the
 manager is configured to connect to it's port (and no firewall is blocking
 it).
 Sorry I couldn't give you any more specific help. Maybe someone else on
 the list with more experience with the CentOS packages and startup script
 configurations can help you further.



 On 3/4/2014 8:55 PM, Peter Collins wrote:

 Thank you Ryan. Here are the outputs of what you requested:


 less openvasad.log
 lib auth:   INFO:2014-03-02 20h00.23 PST:8338: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-02 20h27.59 PST:1491: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-02 20h34.09 PST:1528: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-02 20h50.26 PST:1469: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-04 18h40.47 PST:1468: Authentication
 configuration not found.

 tail *vasmd.log
 lib  serv:WARNING:2014-03-05 02h48.27 utc:2145: openvas_server_connect:
 failed to connect to server (interrupted): Connection refused
 event auth:MESSAGE:2014-03-05 02h48.27 utc:2145: Authentication success
 for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
 lib  serv:WARNING:2014-03-05 02h48.27 UTC:2145:Failed to gnutls_bye:
 Error in the push function.
 lib  serv:WARNING:2014-03-05 02h48.32 utc:2150: openvas_server_connect:
 failed to connect to server (interrupted): Connection refused
 event auth:MESSAGE:2014-03-05 02h48.32 utc:2150: Authentication success
 for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
 event task:MESSAGE:2014-03-05 02h48.32 UTC:2150: Task
 fe1af5f6-c589-4a64-b9b2-1ade94d11234 could not be started by pcollins
 lib  serv:WARNING:2014-03-05 02h48.32 UTC:2150:Failed to gnutls_bye:
 Error in the push function.
 lib  serv:WARNING:2014-03-05 02h48.32 utc:2151: openvas_server_connect:
 failed to connect to server (interrupted): Connection refused
 event auth:MESSAGE:2014-03-05 02h48.32 utc:2151: Authentication success
 for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
 lib  serv:WARNING:2014-03-05 02h48.32 UTC:2151:Failed to gnutls_bye:
 Error in the push function.

 tail *vassd.log
 [Mon Mar  3 04:00:24 2014][8377] openvassd 3.4.0 started
 [Mon Mar  3 04:16:05 2014][9436] Communication closed by client
 [Mon Mar  3 04:27:02 2014][8377] received the TERM signal

 omp --username=foo --password=bar --get-tasks
 Failed to authenticate.






 On Tue, Mar 4, 2014 at 8:57 AM, Ryan Schulze r...@dopefish.de wrote:

  Is there anything useful in the GSA or OpenVAS Manager Logs?
 To determine if the problem is with GSA or the manager: does the cli work
 (something like omp --username=foo --password=bar --get-tasks)?


 On 3/4/2014 10:05 AM, Peter Collins wrote:

  I installed CentOS fresh, and immediately used Atomic to install
 OpenVAS with yum. Everything went perfectly. But when I go into Greenbone
 and attempt a simple scan, I get:

Operation: Start Task  Status code: 503  Status message: Service
 temporarily down


  And if I refresh that page I get a new error page saying

  Internal error: request_handler:2869
 (GSA 4.0.2)
 An internal error occured inside GSA daemon. Diagnostics:Token missing or
 bad.
 Your options (not all may work):
  'Back' button of browser | Login

  I tried the options and they don't work.

  Any ideas please?

  Thanks

  Peter


  ___
 Openvas-discuss mailing 
 listOpenvas-discuss@wald.intevation.orghttps://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss





___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Peter Collins]

Does anyone want to ssh into my system and check this problem? I can email
you the access stuff.

Peter


On Thu, Mar 6, 2014 at 5:52 AM, Peter Collins p...@coolwarm.com wrote:

 Thanks very much I'll try.

 Sent from handheld device
 On Mar 5, 2014 4:38 PM, Ryan Schulze r...@dopefish.de wrote:

  Hmm, I haven't seen that one before.

 I don't have a CentOS server here to test with, but off the top of my
 head I'd say it would seem that the manager process is having difficulty
 connecting to the scanner. I'd check if the scanner is running and the
 manager is configured to connect to it's port (and no firewall is blocking
 it).
 Sorry I couldn't give you any more specific help. Maybe someone else on
 the list with more experience with the CentOS packages and startup script
 configurations can help you further.



 On 3/4/2014 8:55 PM, Peter Collins wrote:

 Thank you Ryan. Here are the outputs of what you requested:


 less openvasad.log
 lib auth:   INFO:2014-03-02 20h00.23 PST:8338: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-02 20h27.59 PST:1491: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-02 20h34.09 PST:1528: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-02 20h50.26 PST:1469: Authentication
 configuration not found.
 lib auth:   INFO:2014-03-04 18h40.47 PST:1468: Authentication
 configuration not found.

 tail *vasmd.log
 lib  serv:WARNING:2014-03-05 02h48.27 utc:2145: openvas_server_connect:
 failed to connect to server (interrupted): Connection refused
 event auth:MESSAGE:2014-03-05 02h48.27 utc:2145: Authentication success
 for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
 lib  serv:WARNING:2014-03-05 02h48.27 UTC:2145:Failed to gnutls_bye:
 Error in the push function.
 lib  serv:WARNING:2014-03-05 02h48.32 utc:2150: openvas_server_connect:
 failed to connect to server (interrupted): Connection refused
 event auth:MESSAGE:2014-03-05 02h48.32 utc:2150: Authentication success
 for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
 event task:MESSAGE:2014-03-05 02h48.32 UTC:2150: Task
 fe1af5f6-c589-4a64-b9b2-1ade94d11234 could not be started by pcollins
 lib  serv:WARNING:2014-03-05 02h48.32 UTC:2150:Failed to gnutls_bye:
 Error in the push function.
 lib  serv:WARNING:2014-03-05 02h48.32 utc:2151: openvas_server_connect:
 failed to connect to server (interrupted): Connection refused
 event auth:MESSAGE:2014-03-05 02h48.32 utc:2151: Authentication success
 for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
 lib  serv:WARNING:2014-03-05 02h48.32 UTC:2151:Failed to gnutls_bye:
 Error in the push function.

 tail *vassd.log
 [Mon Mar  3 04:00:24 2014][8377] openvassd 3.4.0 started
 [Mon Mar  3 04:16:05 2014][9436] Communication closed by client
 [Mon Mar  3 04:27:02 2014][8377] received the TERM signal

 omp --username=foo --password=bar --get-tasks
 Failed to authenticate.






 On Tue, Mar 4, 2014 at 8:57 AM, Ryan Schulze r...@dopefish.de wrote:

  Is there anything useful in the GSA or OpenVAS Manager Logs?
 To determine if the problem is with GSA or the manager: does the cli
 work (something like omp --username=foo --password=bar --get-tasks)?


 On 3/4/2014 10:05 AM, Peter Collins wrote:

  I installed CentOS fresh, and immediately used Atomic to install
 OpenVAS with yum. Everything went perfectly. But when I go into Greenbone
 and attempt a simple scan, I get:

Operation: Start Task  Status code: 503  Status message: Service
 temporarily down


  And if I refresh that page I get a new error page saying

  Internal error: request_handler:2869
 (GSA 4.0.2)
 An internal error occured inside GSA daemon. Diagnostics:Token missing
 or bad.
 Your options (not all may work):
  'Back' button of browser | Login

  I tried the options and they don't work.

  Any ideas please?

  Thanks

  Peter


  ___
 Openvas-discuss mailing 
 listOpenvas-discuss@wald.intevation.orghttps://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss





___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Ryan Schulze]

Hmm, I haven't seen that one before.

I don't have a CentOS server here to test with, but off the top of my 
head I'd say it would seem that the manager process is having difficulty 
connecting to the scanner. I'd check if the scanner is running and the 
manager is configured to connect to it's port (and no firewall is 
blocking it).
Sorry I couldn't give you any more specific help. Maybe someone else on 
the list with more experience with the CentOS packages and startup 
script configurations can help you further.




On 3/4/2014 8:55 PM, Peter Collins wrote:

Thank you Ryan. Here are the outputs of what you requested:


less openvasad.log
lib auth:   INFO:2014-03-02 20h00.23 PST:8338: Authentication 
configuration not found.
lib auth:   INFO:2014-03-02 20h27.59 PST:1491: Authentication 
configuration not found.
lib auth:   INFO:2014-03-02 20h34.09 PST:1528: Authentication 
configuration not found.
lib auth:   INFO:2014-03-02 20h50.26 PST:1469: Authentication 
configuration not found.
lib auth:   INFO:2014-03-04 18h40.47 PST:1468: Authentication 
configuration not found.


tail *vasmd.log
lib  serv:WARNING:2014-03-05 02h48.27 utc:2145: 
openvas_server_connect: failed to connect to server (interrupted): 
Connection refused
event auth:MESSAGE:2014-03-05 02h48.27 utc:2145: Authentication 
success for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
lib  serv:WARNING:2014-03-05 02h48.27 UTC:2145:Failed to 
gnutls_bye: Error in the push function.
lib  serv:WARNING:2014-03-05 02h48.32 utc:2150: 
openvas_server_connect: failed to connect to server (interrupted): 
Connection refused
event auth:MESSAGE:2014-03-05 02h48.32 utc:2150: Authentication 
success for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
event task:MESSAGE:2014-03-05 02h48.32 UTC:2150: Task 
fe1af5f6-c589-4a64-b9b2-1ade94d11234 could not be started by pcollins
lib  serv:WARNING:2014-03-05 02h48.32 UTC:2150:Failed to 
gnutls_bye: Error in the push function.
lib  serv:WARNING:2014-03-05 02h48.32 utc:2151: 
openvas_server_connect: failed to connect to server (interrupted): 
Connection refused
event auth:MESSAGE:2014-03-05 02h48.32 utc:2151: Authentication 
success for user pcollins (9595afc7-3a24-4b97-9320-db2ac2510e66)
lib  serv:WARNING:2014-03-05 02h48.32 UTC:2151:Failed to 
gnutls_bye: Error in the push function.


tail *vassd.log
[Mon Mar  3 04:00:24 2014][8377] openvassd 3.4.0 started
[Mon Mar  3 04:16:05 2014][9436] Communication closed by client
[Mon Mar  3 04:27:02 2014][8377] received the TERM signal

omp --username=foo --password=bar --get-tasks
Failed to authenticate.






On Tue, Mar 4, 2014 at 8:57 AM, Ryan Schulze r...@dopefish.de 
mailto:r...@dopefish.de wrote:


Is there anything useful in the GSA or OpenVAS Manager Logs?
To determine if the problem is with GSA or the manager: does the
cli work (something like omp --username=foo --password=bar
--get-tasks)?


On 3/4/2014 10:05 AM, Peter Collins wrote:

I installed CentOS fresh, and immediately used Atomic to install
OpenVAS with yum. Everything went perfectly. But when I go into
Greenbone and attempt a simple scan, I get:

Operation:  Start Task
Status code:503
Status message: Service temporarily down


And if I refresh that page I get a new error page saying

Internal error: request_handler:2869
(GSA 4.0.2)
An internal error occured inside GSA daemon. Diagnostics:Token
missing or bad.
Your options (not all may work):
'Back' button of browser | Login

I tried the options and they don't work.

Any ideas please?

Thanks

Peter


___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org  
mailto:Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss







smime.p7s
Description: S/MIME Cryptographic Signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Service temporarily down

[Peter Collins]

I installed CentOS fresh, and immediately used Atomic to install OpenVAS
with yum. Everything went perfectly. But when I go into Greenbone and
attempt a simple scan, I get:

Operation:Start TaskStatus code:503Status message:Service temporarily down


And if I refresh that page I get a new error page saying

Internal error: request_handler:2869
(GSA 4.0.2)
An internal error occured inside GSA daemon. Diagnostics:Token missing or
bad.
Your options (not all may work):
'Back' button of browser | Login

I tried the options and they don't work.

Any ideas please?

Thanks

Peter
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss